<?php

require "../utility.php";

$conn = connect_mysql();
$user_id = getUserIdBySessionId($conn);

http_response_code(403);

if ($user_id !== null &&
    check_keys($_GET, "id")) {
    $id = $_GET["id"];
    $update_str = "UPDATE Orders SET status = 3 WHERE ID = ? AND userID = ? AND status = 2;";
    $update_stmt = $conn->prepare($update_str);
    $update_stmt->bind_param("si", $id, $user_id);

    if ($update_stmt->execute()) {
        http_response_code(200);
    }
}

?>